It's great to see interest in the Keycloak project :)
We've been quite busy with getting the alpha out the door (hopefully it'll be
released tomorrow) hence the lack of response. Also, I don't think Bill follows
aerogear-dev.
Would be good to start discussions on these items, maybe as separate posts to
keycloak-dev?
A few thoughts from me:
* We've got a quick and dirty OpenShift cartridge
(
) - it's based on the WildFly
cartridge by Corey Daley. Seems to work pretty well and took me about an hour to do the
mods. I was considering if it was possible to do the Keycloak and UPS cartridges as
add-ons to the WildFly cartridge (same as postgresql and mysql cartridges). That way you
can mix and match whatever combo you want. A specific cartridge may provide a better
integrated experience though. Maybe we can ping someone in the OpenShift team to find out
the correct approach?
* Mobile SDKs - There's not much effort yet on supporting mobiles. Maybe you could
help us with creating Keycloak SDKs, with most of the code reusable in AeroGear and
LiveOak?
* JS - None in Keycloak, but I've started one in LiveOak. Again, could we do a
Keycloak JS lib that could be reused by AeroGear and LiveOak?
If you have any issues/questions at all post to keycloak-dev and I'm sure me and Bill
will fight to see how gets to answer first ;)
----- Original Message -----
From: "Matthias Wessendorf" <matzew(a)apache.org>
To: "AeroGear Developer Mailing List" <aerogear-dev(a)lists.jboss.org>
Sent: Wednesday, 22 January, 2014 7:41:10 AM
Subject: Re: [aerogear-dev] Keycloak integration ideas
On Tue, Jan 21, 2014 at 11:10 PM, Jay Balunas < jbalunas(a)redhat.com > wrote:
On Jan 19, 2014, at 10:18 AM, Matthias Wessendorf < matzew(a)apache.org >
wrote:
On Fri, Jan 17, 2014 at 10:04 PM, Jay Balunas < jbalunas(a)redhat.com > wrote:
Hi All,
Sorry all - book mode ;-)
We've had a couple of threads around keycloak integration (thanks Abstractj)
and working together with them (both in our dev list and theirs). I had a
meeting (dinner really) with Bill and talked about some possibilities and
we're both excited to see what can happen.
I wanted to capture some of those thoughts here (as well as some that already
started before), have some discussions, and more importantly talk about next
steps (jira's) to get some of this in the pipeline. I'm sure this is not
exhaustive either, so please add your own thoughts, brainstorming etc...
(for example Cordova plugin perhaps?)
*In no particular order
A) AeroGear security integration
** Abstractj already posted and implemented some of these changes
**
http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-Keycloak-on-AeroGe...
** What's left here? Is it plug-able? Does it need to be?
The work started by Bruno looks promising. I like that for the login to the
UPS Admin UI is being forwarded to the Keycloak server.
As mentioned on the referenced thread, there is a bit of more work needed for
the "protection" of the SEND (and likely device registration) URLs.
B) Crypto key management
** Server-side encryption key management for client crypto
** Abstractj had some discussions here
***
http://lists.jboss.org/pipermail/keycloak-dev/2013-December/000915.html
*** Where does that stand?
** Do we need our own impl as well?
C) UnifiedPush server integration
** User management, Auth*
** Do we have our own basic impl for quickstart experience?
** See below for possible combined cartridge options
yep, the UPS come in mind and as mentioned in A) Bruno was already actively
starting this shortly before XMAS.
D) Cross-project examples, tutorials, docs, etc...
** TBD
Sure, combined docs/tutorials/examples are a good item once we do have a bit
more :-) Not sure it makes much sense now, but I can be wrong
Completely agree now is not the time. Just wanted to bring it up for
discussion.
KeyCloak has some things they need as well, that we could work together on.
I'm sure the KeyCloak team could add more here :-)
Z) Device support
** We need it, they need, and others need it
** Bill would like us to help them (and us at the same time) with this.
yeah - that would be an extremely good fit for our Push efforts.
We'll need someone to setup a mtg, or discuss on the topic. Any takers?
I can reach out to them, via mailing list, to see what they are up to,
regarding "Device support". Not 100% sure which email list is the
'right'
choice (cross-postings are IMO a PITA :))
Y) OpenShift Cartridge for KeyCloak
** I know this is already on their roadmap
** The work Farah and others has already done, could be very helpful to them
** We should also discuss the possibility of a joint cartridge
*** Could be really compelling, especially if you add in device, client key,
and push support with native SDKs & examples
*** Would also want separate cartridges as well imo
yeah, I see various options here:
* 'standalone' Keycloak cartridge (on their roadmap already); Would be nice
to get Farah involved here as well
* combined cartridge (E.g. Push + Keycloak). If we do actually fully
integrate Keycloak into the Push work, IMO this is a required option, to
simply include the Keycloak offerings into our Push Cartridge
Agreed, and I'd like to hear from the keycloak team on this as well. If they
have plans for pairing their cartridge with others.
On their list they are currently talking about standalone ones, but later, we
might be able to integrate w/ their server piece.
X) Client SDK support
** We have client SDKs & could help with their dev (either as part of
AeroGear or KeyCloak perhaps)
** Primarily for iOS & Android, but would also want see where JS & Cordova
fit.
Yes, another good integration item, would be interesting to know their
'requirements'. I think our OAuth2 related work, would be something that's
interesting for them as well
+1
You start putting all of this together and there is a great set of
functionality that really compliments each other well. After we discuss for
a while, I'd like to find owners for the various items to help make progress
on these. Abstractj is awesome, but not sure he can do it all ;-)
yes, great work by Bruno w/ getting actively started on this
+1
-Jay
PS: I'll post an email to the keycloak-dev list as well pointing to this
thread on our list.
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
Matthias Wessendorf
blog:
http://matthiaswessendorf.wordpress.com/
sessions:
http://www.slideshare.net/mwessendorf
twitter:
http://twitter.com/mwessendorf
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
Matthias Wessendorf
blog:
http://matthiaswessendorf.wordpress.com/
sessions:
http://www.slideshare.net/mwessendorf
twitter:
http://twitter.com/mwessendorf
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev